Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
File:                     sTSesOfbZTbKeYKWH_rJsykWXF8.mft (raw, json)
Hash identifier:          1ATQBc5Rholn/jelZ4xmBeC0i89ROvuVa6DXWkHZ0qc=
Subject key identifier:   AA:89:35:1F:15:E5:FF:FB:E6:77:DC:E2:7D:AF:31:70:B8:F4:BF:6A
Authority key identifier: B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F
Certificate issuer:       /CN=b1349eb0e7db6536ca7982961ffac9b329165c5f
Certificate serial:       0198D5F1CDE47AB19E3C9389F181104C1779
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
Manifest number:          02FE
Signing time:             Sat 23 Aug 2025 08:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:50 +0000
Files and hashes:         1: sTSesOfbZTbKeYKWH_rJsykWXF8.crl (hash: zBkAFyif9Rn2eUwkVdaVp7rVVsfikyt3vjDpVfnh+aQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:cd:e4:7a:b1:9e:3c:93:89:f1:81:10:4c:17:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1349eb0e7db6536ca7982961ffac9b329165c5f
        Validity
            Not Before: Aug 23 08:00:50 2025 GMT
            Not After : Aug 24 08:00:50 2025 GMT
        Subject: CN=aa89351f15e5fffbe677dce27daf3170b8f4bf6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e9:ab:cd:25:69:63:ae:73:70:ea:01:fd:f3:
                    1c:f2:0e:11:78:67:34:07:09:96:35:47:4b:67:07:
                    25:a2:fc:95:bb:52:97:12:07:ca:cf:a8:a7:89:05:
                    e3:98:9f:02:09:8a:bf:9a:04:0a:36:3a:3f:16:d6:
                    13:c1:b1:ac:21:9c:e4:42:fa:9b:50:a6:7a:34:bd:
                    41:56:e8:af:fc:27:df:47:3d:55:5c:00:02:ea:61:
                    01:4e:54:46:e7:12:f5:4a:19:ca:08:d5:b8:6e:d9:
                    6a:cd:99:b5:be:42:c1:a8:7d:bd:d2:7e:14:de:5d:
                    52:25:3a:05:51:34:39:8e:49:e0:f2:55:58:18:47:
                    27:e0:24:10:91:6c:9f:c9:e2:53:a6:3f:f2:62:55:
                    aa:c6:d2:0e:1d:fb:1f:40:6f:0c:11:8d:61:0d:f6:
                    c2:6a:c3:f6:6a:c5:45:e2:d4:b7:f4:19:77:a7:e8:
                    3a:9a:9a:63:e6:1a:6a:a2:79:0b:1b:63:dd:79:8c:
                    cb:3b:d4:8f:b1:90:6d:10:93:d2:34:a4:dd:1b:f4:
                    97:9d:10:41:ad:39:72:6b:23:61:6d:28:73:1e:93:
                    bc:6d:a6:66:45:22:72:38:24:64:3a:a3:f8:8c:d4:
                    8f:c8:d0:09:ab:57:27:42:06:60:4c:a1:9f:ad:e9:
                    5d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:89:35:1F:15:E5:FF:FB:E6:77:DC:E2:7D:AF:31:70:B8:F4:BF:6A
            X509v3 Authority Key Identifier:
                keyid:B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:e7:c3:46:58:53:b0:c2:2a:34:c4:a3:5f:0a:2c:1b:e0:93:
         90:26:3c:05:7b:5f:89:77:87:2e:3f:19:6d:b1:b7:da:b6:be:
         22:1f:5b:3a:a8:d3:08:bd:d4:f9:15:75:b3:50:a8:29:03:5b:
         4b:e6:9c:75:e1:31:44:03:4a:a6:a8:08:a1:6a:2d:79:7b:4d:
         f7:83:4f:1a:7a:81:40:92:b5:31:2b:bc:d0:75:60:63:cd:ac:
         56:6a:04:0c:13:e8:f2:a2:c8:2a:29:04:a1:3d:01:76:41:8c:
         ff:62:9d:5f:a8:af:91:52:7e:74:b1:1c:89:b7:6d:75:7f:b4:
         a6:0f:0b:fd:af:d4:29:c4:d3:e5:a3:05:56:bc:0d:5d:f9:a0:
         af:b3:73:66:7f:32:39:12:82:5f:c0:48:f7:5f:41:43:22:3b:
         4e:18:0e:93:cd:b5:2e:c5:83:ab:8b:ef:95:73:1b:c6:2c:0c:
         12:2e:a1:7e:41:23:06:53:1d:76:80:a0:c0:9a:0e:ec:fe:0f:
         5b:45:cf:77:d2:6f:8d:30:ff:93:0c:36:f9:b1:d8:6c:14:4f:
         99:c9:fa:ad:e0:e2:13:28:29:e4:38:28:c1:5e:4f:68:9b:be:
         f4:78:56:ce:e8:4e:ea:dd:8a:19:ec:e9:c6:37:cb:83:61:8f:
         67:e6:12:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8c3kerGePJOJ8YEQTBd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzQ5ZWIwZTdkYjY1MzZjYTc5ODI5NjFmZmFjOWIzMjkx
NjVjNWYwHhcNMjUwODIzMDgwMDUwWhcNMjUwODI0MDgwMDUwWjAzMTEwLwYDVQQD
EyhhYTg5MzUxZjE1ZTVmZmZiZTY3N2RjZTI3ZGFmMzE3MGI4ZjRiZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+mrzSVpY65zcOoB/fMc8g4ReGc0
BwmWNUdLZwclovyVu1KXEgfKz6iniQXjmJ8CCYq/mgQKNjo/FtYTwbGsIZzkQvqb
UKZ6NL1BVuiv/CffRz1VXAAC6mEBTlRG5xL1ShnKCNW4btlqzZm1vkLBqH290n4U
3l1SJToFUTQ5jkng8lVYGEcn4CQQkWyfyeJTpj/yYlWqxtIOHfsfQG8MEY1hDfbC
asP2asVF4tS39Bl3p+g6mppj5hpqonkLG2PdeYzLO9SPsZBtEJPSNKTdG/SXnRBB
rTlyayNhbShzHpO8baZmRSJyOCRkOqP4jNSPyNAJq1cnQgZgTKGfreldNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqJNR8V5f/75nfc4n2vMXC49L9qMB8GA1UdIwQY
MBaAFLE0nrDn22U2ynmClh/6ybMpFlxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYt
N2EzMGJlNWNlY2MwLzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYtN2EzMGJlNWNlY2Mw
LzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnefDRlhT
sMIqNMSjXwosG+CTkCY8BXtfiXeHLj8ZbbG32ra+Ih9bOqjTCL3U+RV1s1CoKQNb
S+acdeExRANKpqgIoWoteXtN94NPGnqBQJK1MSu80HVgY82sVmoEDBPo8qLIKikE
oT0BdkGM/2KdX6ivkVJ+dLEcibdtdX+0pg8L/a/UKcTT5aMFVrwNXfmgr7NzZn8y
ORKCX8BI919BQyI7ThgOk821LsWDq4vvlXMbxiwMEi6hfkEjBlMddoCgwJoO7P4P
W0XPd9JvjTD/kww2+bHYbBRPmcn6reDiEygp5DgowV5PaJu+9HhWzuhO6t2KGezp
xjfLg2GPZ+YS9Q==
-----END CERTIFICATE-----